Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-3800

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Published

2022-08-23T16:15:09.980

Last Modified

2024-11-21T06:22:28.277

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-200
Type: Secondary
CWE-552

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	gnome	glib	< 2.62.5	Yes
Application	gnome	glib	< 2.63.6	Yes
Operating System	debian	debian_linux	10.0	Yes
Application	netapp	active_iq_unified_manager	-	Yes

References

https://access.redhat.com/security/cve/CVE-2021-3800 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=1938284 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995 Patch, Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/09/msg00020.html Mailing List, Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20221028-0004/ Third Party Advisory ([email protected])
https://www.openwall.com/lists/oss-security/2017/06/23/8 Exploit, Mailing List, Patch, Third Party Advisory ([email protected])
https://access.redhat.com/security/cve/CVE-2021-3800 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1938284 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/09/msg00020.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20221028-0004/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.openwall.com/lists/oss-security/2017/06/23/8 Exploit, Mailing List, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)